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What is claimed is: 

1. A method of managing a network session comprising: 

delivering policies from a server to a remote system 
that has predetermined configuration information; 

establishing a secure connection between the server 
and the pystem; and 

regulating activities in the system based on at 
least one of the set of policies and the predetermined 
configuration information . 

2 . The method of claim 1 wherein regulating the activities 
comprises providing filters that are adapted to reject 
unauthorized data packets based on rejection criteria. 



3 . The methoc. 
include the 



pre det 



4 . The method 
include the set 

5 . The method 
comprises provi 
unauthorized 
application i 



of claim 2 wherein the rejection criteria 
ermined static configuration information. 



dat 



of claim 2 wherein the rejection criteria 
of policies. 

of claim 1 wherein regulating the activities 
iing a session layer adapted to reject 
a packets based on context such as user and 
ion. 



inf ormat 



of claim 1 wherein regulating the activities 



6 . The methoc 
comprises : 

providing a session layer adapted to reject unauthorized 
data packets based on context information; and 



providing 
packets based 
context inf ormht 



filters adapted to reject unauthorized data 
on rejection criteria from at least one of the 
ion and the policies. 
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7. The metljhod of claim 1 further comprising updating the set 
of policies 

8. The method of claim 1 further comprising: 
detecting data packets from the regulated activities; and 
rejecting the data packets from the regulated activities. 

9. An article comprising a computer-readable medium which 
stores computer-executable instructions for managing a network 
session, the instructions causing a computer to: 

receive alset of policies from a server in a remote 
system having predetermined configuration inf ormation; 

establish p. secure connection between the server and the 
system; and 

manage activities in the system based on at least one of 
the set of (policies and the predetermined configuration 
information!. 
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10. The article] of claim 9, further comprising updating the 
set of policies, 



11. The article 



of claim 9 wherein the instructions to reject 



the intervening processes comprises instructions to provide 
filters that are adapted to reject data packets based on 
rejection criteria . 



12. The article of claim 11 wherein the rejection criteria 

s 

includes predetermined static configuration information. 



13. The article of claim 11 wherein the rejection criteria 

\ 

includes the set of policies. 

14. The article of\ claim 9 wherein the instructions to reject 
the unauthorized activities comprises instructions to provide 
a session layer adapted to reject unauthorized data packets 
based on context user and application information. 
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1 15. The article of claim 9 wherein the instructions to reject 

2 the unauthorized activities comprises instructions to: 

3 provide a session layer adapted to reject unauthorized 

4 data packet £5 based on context information; and 

5 provide filters adapted to reject unauthorized data 

6 packets based on rejection criteria from at least one of the 

7 context infcrmation and the policies. 

1 16. The article of claim 9, further comprising instructions 



2 to: I 

3 detect unauthorized data packets from the unauthorized 

4 activities; and 

j|> reject the unauthorized data packets from the 

y 6 unauthorized activities, 
y 1 

Jl 17. A network! system, comprising: 

nj \ 

HE first and second devices, wherein the first device is 

jL3 adapted to : 1 

yj deliver a set of policies to the second device; 

M5 and the second device is adapted to: 

6 detect Idata packets from unauthorized activities; 

7 and I 

8 reject jthe data packets from the unauthorized 

9 activities. 

1 18. The system of claim 17 further comprising a network 

2 stack. 

1 19. The system of claim 18, wherein the network stack 

2 comprises: \ 

3 a policy engine connected to the first device; 
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a policy store connected to the policy engine; 
a socket interceptor connected to the policy engine; and 
a packet guard connected to the policy engine. 

20. The system of claim 17, the first device further 
comprising instructions to monitor the system for the 
intervening processes. 

21. A network stack, comprising: 
a policy engine; 

a policy! store adapted to interact with the policy engine 
and store a set of policies from the policy engine; 

a socket linterceptor coupled to the policy engine; 

a packet guard coupled to the policy engine. 

22. The network stack of claim 21 further comprising a packet 
translator adapted to interact with the socket interceptor and 
the packet guaild. 

23. The network stack of claim 21 further comprising an 
interface to a network adapted to connect the network stack to 
the network, wherein the network has a policy server. 

24. The networW stack of claim 23 further comprising a 
configurable management process adapted to reconfigure the 
network stack and having instructions to: 



receive pol 
server; 



cies in the policy engine from the policy 



use the socket interceptor to detect and reject data 
packets from unauthorized users and applications and provide 
the packet guard with context information about the 
unauthorized userL and applications; 
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use the packet guard to filter unauthorized activities 
received from the network interface; 
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use the packe\ guard to filter the data packets from 
unauthorized users and applications based on the context 
information received W the socket interceptor; and 



15 
16 



use the packet guard\to filter data packets based on the 

policies . 
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